community-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Terri Gantt <terrigantt6...@gmail.com>
Subject Re: AW: Are Apache projects affected by the informations leaked by the NSA hack ?
Date Fri, 26 Aug 2016 18:11:57 GMT
think u get the wrong email

On Aug 26, 2016 8:57 AM, "Jacques Le Roux" <jacques.le.roux@les7arts.com>
wrote:

> Thanks Daniel!
>
> Jacques
>
>
> Le 26/08/2016 à 12:09, Daniel Gruno a écrit :
>
>> Hi Marco,
>>
>> I would suggest you check out
>> https://musalbas.com/2016/08/16/equation-group-firewall-oper
>> ations-catalogue.html
>> for a review of the exploits supposedly found. There doesn't seem to be
>> any ASF-related software mentioned, although it's of course always a
>> possibility ;)
>>
>> With regards,
>> Daniel.
>>
>> On 08/26/2016 12:00 PM, Marco Esser wrote:
>>
>>> Hi Mark,
>>>
>>>
>>> Thank you for your quick response !
>>> I doesn't mean the leak by Edward Snowden. A group called Shadow Brokers
>>> hacked a least one NSA server. Edward Snowden thinks that it must be a NSA
>>> malware staging server.
>>>
>>> As far as I understand they spread some information and tools for free
>>> and want to have a lot of money to give away the rest. See these links as a
>>> start point to this story:
>>>
>>> http://www.wired.co.uk/article/nsa-hacking-tools-stolen-hackers
>>>
>>> <http://www.wired.co.uk/article/nsa-hacking-tools-stolen-hackers><
>>> https://theintercept.com/2016/08/19/the-nsa-was-
>>> hacked-snowden-documents-confirm/>https://theintercept.
>>> com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/
>>>
>>> [https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/
>>> 2016/08/NSA-drive-feature-hero.jpg]<https://theintercept
>>> .com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/>
>>>
>>> The NSA Leak Is Real, Snowden Documents Confirm<https://theintercept.c
>>> om/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/>
>>> theintercept.com
>>> A never-before-published NSA manual makes it clear that malware released
>>> by a hacker group this week came from the spy agency.
>>>
>>>
>>> [https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/
>>> 2016/08/NSA-drive-feature-hero.jpg]<https://theintercept
>>> .com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/>
>>>
>>> The NSA Leak Is Real, Snowden Documents Confirm<https://theintercept.c
>>> om/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/>
>>> theintercept.com
>>> A never-before-published NSA manual makes it clear that malware released
>>> by a hacker group this week came from the spy agency.
>>>
>>>
>>>
>>> [http://wi-images.condecdn.net/image/PJPdyP8z5km/crop/1020]<
>>> http://www.wired.co.uk/article/nsa-hacking-tools-stolen-hackers>
>>>
>>> Hacking the hackers: everything you need to know about Shadow Brokers'
>>> attack on the NSA<http://www.wired.co.uk/art
>>> icle/nsa-hacking-tools-stolen-hackers>
>>> www.wired.co.uk
>>> A mystery group claims to be selling malware and tools used by America's
>>> National Security Agency
>>>
>>>
>>>
>>>
>>>
>>> ________________________________
>>> Von: Mark Thomas <markt@apache.org>
>>> Gesendet: Freitag, 26. August 2016 11:43
>>> An: dev@community.apache.org
>>> Betreff: Re: Are Apache projects affected by the informations leaked by
>>> the NSA hack ?
>>>
>>> On 26/08/2016 10:13, Marco Esser wrote:
>>>
>>>> Hello All,
>>>>
>>>> i hope I´m posting my question to the right mailing list. I searched a
>>>> long time for as better place but din´t find one.
>>>>
>>>>
>>>> Does somebody analyze the available information from the NSA Hack
>>>> regarding influence on software developed in the apache projects ?
>>>>
>>> I assume you mean the leaks by Edward Snowden. I don't recall seeing
>>> anything in the news regarding the NSA being hacked.
>>>
>>> I'm involved in the Apache security team and the Apache Tomcat project.
>>> I'm not aware of any analysis of the Snowden leak w.r.t. vulnerabilities
>>> in / back-doors in / influence on Apache software.
>>>
>>> My special interest is to get knowledge about NSA hack tools or the try
>>>> to implement backdoors, etc in the following software used by my customers:
>>>>
>>>> Apache HTTP
>>>> Tomcat applicationserver
>>>> popular modules for both servers
>>>>
>>> I've only investigated the Tomcat vulnerabilities in any depth. None of
>>> the issues I have seen in my long involvement in the Apache Tomcat
>>> project has been suggestive of a deliberate back door being placed in
>>> the code.
>>>
>>> Mark
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: dev-unsubscribe@community.apache.org
>>> For additional commands, e-mail: dev-help@community.apache.org
>>>
>>>
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@community.apache.org
>> For additional commands, e-mail: dev-help@community.apache.org
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@community.apache.org
> For additional commands, e-mail: dev-help@community.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message